blob: 42adc0c8a6e54c64d48fd7052628b17ac77bc5d8 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
Description: Improper validation of GSO segment length on forwarding path
References:
https://bugzilla.redhat.com/show_bug.cgi?id=1541846
https://patchwork.ozlabs.org/patch/859410/
http://lists.openwall.net/netdev/2018/01/16/40
http://lists.openwall.net/netdev/2018/01/18/96
Notes:
bwh> This is fixed for bnx2x specifically by commits 2b16f048729b
bwh> "net: create skb_gso_validate_mac_len()" and 8914a595110a
bwh> "bnx2x: disable GSO where gso_size is too big for hardware".
bwh> But this is really a core networking bug and must be fixed
bwh> there, because other drivers and hardware are almost
bwh> certainly affected.
carnil> apparently the CVE is specifically associated only with
carnil> 2b16f048729b and 8914a595110a, so consider it released
carnil> with those two commits. The two commited are as well to
carnil> be included in 4.14.102 and 4.9.159.
carnil> Do we maybe need a separate CVE for the generic issue?
bwh> The fix depends on the ndo_features_check operation (or its
bwh> predecessor ndo_gso_check), which doesn't exist in 3.16.
Bugs:
upstream: released (4.16-rc1) [8914a595110a6eca69a5e275b323f5d09e18f4f9, 2b16f048729bf35e6c28a40cbfad07239f9dcd90]
4.19-upstream-stable: N/A "Fixed before branching point"
4.9-upstream-stable: released (4.9.159) [84d8c3a7e1a48df8d21d100181b1d97a3adc50e5, f3fe2c72a7b7361a306ca1b51387bb2f995216a2]
3.16-upstream-stable: ignored "Minor issue, requires core networking changes"
3.2-upstream-stable: ignored "EOL"
sid: released (4.16.5-1)
4.9-stretch-security: released (4.9.161-1)
3.16-jessie-security: ignored "Minor issue, requires core networking changes"
3.2-wheezy-security: ignored "EOL"
|
